cPanel TSR-2014-0002 Announcement
cPanel has released a new build for the 11.42, CURRENT, and EDGE update tiers.
This update provides targeted changes to address security concerns with the 11.42 release of the cPanel & WHM product. This build is currently available to all customers via the standard update system.
If you have configured your cPanel & WHM servers to automatically update when new releases are available, then no action is required. Your systems will update automatically. If you have disabled automatic updates, then it is strongly encourage you to update your cPanel & WHM installations at your earliest convenience.
The following cPanel & WHM versions address all known vulnerabilities:
* 18.104.22.168 & Greater
SECURITY ISSUE INFORMATION
Independent security researchers identified the security issue resolved in this update. There is no reason to believe that this vulnerability is known to the public. As such, cPanel will only release limited information about the vulnerability at this time.
Once sufficient time has passed, allowing cPanel & WHM systems to automatically update to the new version, cPanel will release additional information about the nature of this security issue.
Additional information is scheduled for release on February 14th, 2014.